PFsense + Radius for authoritzation for VM
-
Hi Guys,
TL;TR: Can pfsense handle authorizing between users and VMs through a Radius server?
In my architecture I have Pfsense as firewall with uses Radius to handle AAA. Then in the LAN I've several machines. Each user connect through a VPN remote access, then they ask permission to connect to a VM using a web form (which can grant or deny the access). The first idea was to handle the authorization (the "book" a VM concept) using the same Radius server used for authentication, but seems that this is not possible with pfsense. I think that the only way to do that is creating dynamically FW rules, which is not a good solution because the authentication and the authorization are done and configured in two different places.
Any idea? There's a better solution or I'm just doing it right?
Thanks a lot.